Automatic Malware Classification via PRICoLBP. Issue 4 (1st July 2018)
- Record Type:
- Journal Article
- Title:
- Automatic Malware Classification via PRICoLBP. Issue 4 (1st July 2018)
- Main Title:
- Automatic Malware Classification via PRICoLBP
- Authors:
- Yan, Hanbing
Zhou, Hao
Zhang, Honggang
- Abstract:
- Creating effective features is a critical issue in malware analysis. It requires a proper tradeoff between discriminative power and invariance. Previous studies have shown that it is fairly effective to design features based on the binary code. However, the current existing binary‐based features seldom take into consideration the problem of obfuscation, such as relocated sections, incomplete code and redundant operations. In this paper, we propose a novel Pairwise rotation invariant co‐occurrence local binary pattern (PRICoLBP) feature, and further extend it to incorporate the Term frequency‐inverse document frequency (TFIDF) transform. Different from other static analysis techniques, our method not only achieves better linear separability, but also appears to be more resilient to obfuscation. In addition, we evaluate PRICoLBP‐TFIDF comprehensively on three datasets from different perspectives, e.g., classification performance, classifier selection and performance against obfuscation. What's more, we compare our PRICoLBP‐TFIDF method with other techniques, and demonstrate that PRICoLBP‐TFIDF is quite an efficient and effective tradeoff between discriminative power and invariance.
- Is Part Of:
- Chinese journal of electronics. Volume 27:Issue 4(2018)
- Journal:
- Chinese journal of electronics
- Issue:
- Volume 27:Issue 4(2018)
- Issue Display:
- Volume 27, Issue 4 (2018)
- Year:
- 2018
- Volume:
- 27
- Issue:
- 4
- Issue Sort Value:
- 2018-0027-0004-0000
- Page Start:
- 852
- Page End:
- 859
- Publication Date:
- 2018-07-01
- Subjects:
- Malware classification -- Pairwise rotation invariant co‐occurrence local binary pattern -- Term frequency‐inverse document frequency -- Texture classification -- Resilience to obfuscation
invasive software -- pattern classification -- program diagnostics
incomplete code -- redundant operations -- obfuscation -- classification performance -- PRICoLBP‐TFIDF method -- automatic malware classification -- malware analysis -- binary code -- term frequency‐inverse document frequency -- pairwise rotation invariant co‐occurrence local binary pattern feature -- binary‐based features -- classifier selection
Electronics -- Periodicals
Electronics -- China -- Periodicals
Electronics
China
Periodicals
621.38105
- Journal URLs:
- https://ietresearch.onlinelibrary.wiley.com/journal/20755597
http://ieeexplore.ieee.org/servlet/opac?punumber=7479413
http://ieeexplore.ieee.org/Xplore/home.jsp
- DOI:
- 10.1049/cje.2018.05.001
- Languages:
- English
- ISSNs:
- 1022-4653
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 3180.317180
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 16500.xml